Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
OpenSSL::HMAC#hexdigest (using MD5) vs Digest::MD5#hexdigest what are the differences and/or advantages? Couldn’t you just use Digest::MD5#hexdigest(KEY + DATA) or is that consider cryptographically weak?
The HMAC-MD5 of DATA and KEY is define as
where pad1 and pad2 are two fixed constants. Some of the more obvious things you might do are cryptographically weak.
is fatally flawed. Consider how MD5 works. It splits the input up into blocks of a certain size (512 bits for md5) and sets up some initial state h0, h1, h2, h3. It then does a bunch of transformations to mix the first block of data with that initial state to produce new values of h0, h1, h2, h3. The second block of data is then combined with those to produce a new set of h0,h1,h2,h3 and so on. The final value of the hash function is just the concatenation of h0,h1,h2,h3.
This means that if you give me
Digest::MD5#hexdigest(KEY + DATA)then I can calculate whatDigest::MD5#hexdigest(KEY + DATA + OTHER_DATA)is without knowing KEY at all. You can do the same thing with SHA1If instead you did
then any known collisions in MD5 are easily used to make messages with the same HMAC value.
Apparently
may be flawed too, even if two different keys were used. HMAC was designed to mitigate all of these attacks.